package jevon.philautus.webservice;

import javax.validation.Valid;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import jevon.philautus.domain.User;

/**
 * 用户登录的WebService
 * 
 * @author fujinjun
 * 
 */
@RequestMapping("/rs")
@Controller
public class Rs_Security {

	@RequestMapping(value = "/login", method = RequestMethod.POST)
	@ResponseBody
	boolean login(@Valid User user, BindingResult result) {
		if (result.hasErrors()) {
			return false;
		}
		UsernamePasswordToken token = new UsernamePasswordToken(
				user.getUsername(), user.getPasswd(), true);
		try {
			SecurityUtils.getSubject().login(token);
		} catch (AuthenticationException e) {
			return false;
		}
		if (result.hasErrors()) {
			return false;
		}
		return true;
	}
}
